Skip to content

Commit

Permalink
Add Hcloud Networks Tutorial (hetzneronline#161)
Browse files Browse the repository at this point in the history 
* Add HCloud Networks Tutorial

* formatting

* formatting
  • Loading branch information
@LKaemmerling @leojakeson
LKaemmerling authored and leojakeson committed Jul 10, 2019
1 parent cdbc343 commit 4a8eab4
Show file tree
Hide file tree
Showing 2 changed files with 400 additions and 0 deletions.
200 changes: 200 additions & 0 deletions tutorials/hcloud-networks-basic/01.en.md
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,200 @@
---
path: "/tutorials/hcloud-networks-basic"
slug: "hcloud-networks-basic"
date: "2019-07-10"
title: "Hetzner Cloud: Networks"
short_description: "A basic introduction into the Hetzner Cloud Networks."
tags: ["Hetzner Cloud", "hcloud", "networks"]
author: "Lukas Kämmerling"
author_link: "https://github.com/LKaemmerling"
author_img: "https://avatars1.githubusercontent.com/u/4281581"
author_description: ""
language: "en"
available_languages: ["en", "ru"]
header_img: ""
---

## Introduction

In this tutorial we will show a brief introduction into the Hetzner Cloud Networks, the private networking feature for the Hetzner Cloud.

You have many options to manage Hetzner Cloud Networks:

* Web panel [Hetzner Cloud Console](https://console.hetzner.cloud/)
* CLI tool [hcloud](https://github.com/hetznercloud/cli)
* [Hetzner Cloud API](https://docs.hetzner.cloud/)

In this tutorial we will use the CLI tool `hcloud`.

**Prerequisites**

* Hetzner Cloud API Token
* Basic knowledge about the Hetzner Cloud
* We assume that you know, what a server, an image, a server type or a volume is.
* Visit Hetzner Cloud Console at [https://console.hetzner.cloud](https://console.hetzner.cloud), select your project, and create a new API Token.
* latest `hcloud` tool is installed (> 1.13.0)
* Windows, FreeBSD
* Grab your pre-built binary from [Github](https://github.com/hetznercloud/cli/releases/latest)
* Linux
* Using [Linuxbrew](https://linuxbrew.sh/)
* `brew install hcloud`
* Grab your pre-built binary from [Github](https://github.com/hetznercloud/cli/releases/latest)
* MacOS
* Using [Homebrew](https://brew.sh/)
* `brew install hcloud`
* Grab your pre-built binary from [Github](https://github.com/hetznercloud/cli/releases/latest)

### What are Networks?

Networks is a free feature for the Hetzner Cloud, which allows you to create private IPv4 networks between your Hetzner Cloud servers. As a sample, you could create a database server which is only available on the private network instead of binding it to the public network, where it would be accessible from everywhere.

You can fully customize the network range as long as you use the network ranges described in [RFC1918](https://tools.ietf.org/html/rfc1918):

* 10.0.0.0/8
* 172.16.0.0/12
* 192.168.0.0/16

A Network itself is globally available, each Network can have up to 50 subnets. You can attach up to 100 servers to a Network. As sample: A Network could have the IP range `10.0.0.0/8`, a subnet `10.0.0.0/24` and a server in this subnet could have the IP `10.0.0.2`.

## Step 1 - Setup our test environment

Before we can start, we need to setup a test environment. We need at least two servers to demonstrate the usage of Networks. For our test two CX11 are enough. We create them now with the CLI and the following commands:

```bash
hcloud server create --name node-1 --type cx11 --image ubuntu-18.04
hcloud server create --name node-2 --type cx11 --image ubuntu-18.04
```

After this commands you need to create a new Network and a subnet. We will choose the network range `10.0.0.0/8`, so every server which is attached to this network will get an IP from this range.

```bash
hcloud network create --name my-network --ip-range 10.0.0.0/8
```

Now we need to create a subnet within this network. We specify that the subnet is in the network zone `eu-central` which includes the locations `hel1`,`fsn1` and `nbg1`, is of type `server` and the ip range is `10.0.0.0/24`, so every attached server will get an ip from this range.

```bash
hcloud network add-subnet my-network --network-zone eu-central --type server --ip-range 10.0.0.0/24
```

Now we just need to attach the servers to the network. We don't need to specify an IP for the server on this step, because the Hetzner Cloud system will pick a free private IP in your subnet for you, but of course you can specify an IP.

```bash
hcloud server attach-network node-1 --network my-network
hcloud server attach-network node-2 --network my-network --ip 10.0.0.7
```

Now both servers should have an IP from your Network. `node-1` should have the IP `10.0.0.2` and `node-2` should have `10.0.0.7`. You can check this with the commands `hcloud server describe node-1` and `hcloud server describe node-2`. When you run these commands you should see a text similar to this in the output:

```bash
Name: node-1
[...]
Private Net:
- ID: 21
Name: my-network
IP: 10.0.0.2
Alias IPs: -
```

Congratulations! You have created your first network and attached servers to it. The IP should already be configured for you! Let's connect to these servers and check IPs.

```bash
hcloud server ssh node-1
```

You should see something like `IP address for ens7: 10.0.0.2` in the welcome message from your server!

## Step 2 - Networks in action

You have configured successfully the networks, now let's make some small tests. First, you should open two terminal windows and ssh into both servers.

First window:

```bash
hcloud server ssh node-1
```

Second window:

```bash
hcloud server ssh node-2
```

We will now perform a ping from each node.

First window:

```bash
ping 10.0.0.7
```

Second window:

```bash
ping 10.0.0.2
```

You should see a similar output on every window:

First window:

```console
root@node-1:~# ping 10.0.0.7
PING 10.0.0.7 (10.0.0.7) 56(84) bytes of data.
64 bytes from 10.0.0.7: icmp_seq=1 ttl=63 time=0.464 ms
64 bytes from 10.0.0.7: icmp_seq=2 ttl=63 time=0.969 ms
```

Second window:

```console
root@node-2:~# ping 10.0.0.2
PING 10.0.0.2 (10.0.0.2) 56(84) bytes of data.
64 bytes from 10.0.0.2: icmp_seq=1 ttl=63 time=2.89 ms
64 bytes from 10.0.0.2: icmp_seq=2 ttl=63 time=0.630 ms
```

The servers can access each other via the private network.

Let's see, how the traffic between these nodes goes.
We will perform a `mtr` on `node-1`.

First window:

```bash
mtr 10.0.0.7
```

You should get an output similar to this:

```console
Packets Pings
Host Loss% Snt Last Avg Best Wrst StDev
1. 10.0.0.1 0.0% 45 8.8 7.8 5.4 11.1 1.0
2. 10.0.0.7 0.0% 44 0.6 0.7 0.5 2.0 0.3
```

You can see the following: Packets to `10.0.0.7` goes through the gateway (`10.0.0.1`) and then directly to the destination `10.0.0.7`! Nobody else is between them. To show you the difference to the public interface we perform a `mtr` on the public IP of `node-2` too. We assume that the public IP is `203.0.113.XX`.

First window:

```console
mtr 203.0.113.XX # please replace this with the public IP of node-2
```

Result:

```console
1. _gateway 0.0% 4 0.2 0.2 0.1 0.2 0.0
2. XXXXX.your-cloud.host 0.0% 4 0.3 0.7 0.3 1.9 0.8
3. XXX.cloud1.YYYYYY.hetzner.com 0.0% 4 13.5 15.3 13.5 19.0 2.5
4. YYYYY.your-cloud.host 0.0% 4 0.6 0.6 0.3 1.0 0.3
5. ???
6. static.XX.113.0.203.clients.your 0.0% 3 0.5 0.6 0.5 0.6 0.1
```

On the public interface, there is no direct connection between the nodes like on the private networks.

## Conclusion

You have now a brief overview over the Hetzner Cloud Networks feature. As you can image, there are many usecases for using this feature like databases, kubernetes or secure connection to your servers via vpn.
Loading

0 comments on commit 4a8eab4

Please sign in to comment.